Here is my 2 cents for the L3VN case. If an NVE is on a server and TESs are VMs on the server, TES-NVE attach/detach is configured by DC operators. When a VM is powered on, the NVE populates it in the forwarding table; when a VM is powered off, the NVE removes it from the table. The forwarding between the NVE and TESs is simply an internal table lookup and delivery process on the server. If an NVE is on a ToR, TESs may be either non-virtualized servers or a vSwitch on virtualized servers; the routing between the NVE and TESs may use Petro's proposal or run a routing protocol such as OSPF per VN. The forwarding between the two is like [RFC4364].
Lucy

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Thomas Narten
Sent: Wednesday, July 11, 2012 8:55 AM
To: Luyuan Fang (lufang)
Cc: [email protected]
Subject: Re: [nvo3] TES-NVE attach/detach protocol security (mobility-issues draft)

"Luyuan Fang (lufang)" <[email protected]> writes:

> My understanding VDP is a discovery protocol for bridging?

Note: VDP stands for VSI Discovery and Configuration Protocol (though the "configuration" part is often dropped). It does more than just "discover". E.g., see http://blog.ioshints.info/2011/05/edge-virtual-bridging-evb-8021qbg-eases.html

> One of the most interesting parts of EVB is the VSI Discovery and
> Configuration Protocol (VDP). Using VDP, the EVB station (host) can
> inform the adjacent EVB Bridge (access switch) before a VM is deployed
> (started or moved). The host can also tell the switch which VLAN the
> VM needs and which MAC address (or set of MAC addresses) the VM uses.
> Blasting through the VLAN limits (4K VLANs allowed by 802.1Q), the VDP
> supports 4-byte long Group ID, which can be mapped dynamically into
> different access VLANs on as-needed basis (this is a recent addendum
> to 802.1Qbg and probably allows nice interworking with I-SID field in
> PBB/SPB).

Also, see draft-gu-nvo3-overlay-cp-arch-00.txt and draft-gu-nvo3-tes-nve-mechanism-00.txt which has text on VDP. If anyone can point the WG to a good overview/summary of what VDP does, that would be helpful.

> If you are using pure l3 end-system to end-system, there is no
> bridging, there is no need for VDP.

I'm not sure about that. When you say L3 TES, what is the interface between the NVE and TES? My assumption is that it is still L2, even if the service provided is L3. You'd ignore the L2 stuff (mostly), but most VMs are already set up to send L2 packets on their interfaces. Also VDP is between the Hypervisor and NVE. Thus, it may still be needed, even if the service provided to the TES is L3 only.

Thomas
